
Preferred Syslog Server

SOLVED
Getting noticed

Preferred Syslog Server

Hello Experts,

 

Looking to add a syslog server to MX100, any suggestions? I'm new to building a syslog server. Thanks.

 

Hubble

1 ACCEPTED SOLUTION

Accepted Solutions
Building a reputation

Re: Preferred Syslog Server

I had to discover a better real-time syslog monitor once we transitioned to Meraki MXs for our Firewalls. I found Syslog Watcher as an option. You can get a 30-day free trial and if needed, support can extend it...and extend it...and extend....I digress.

We ended up purchasing it because it is a pretty powerful real time monitoring tool and it only cost $250 for a year or $450 for 3 years.

It has helped tremendously with real-time traffic viewing from the firewall. If anyone questions whether or not data is getting to, through, or blocked by the firewall, this software can let you know and answer right away. Filtering is pretty simple and you can store logs to go back and query previous logs.

We use Solarwinds Orion for an SNMP server, but for syslog it was missing a lot of the features that Syslog watcher made up in .
CMNO, CCNA R+S


9 REPLIES
Kind of a big deal

Re: Preferred Syslog Server

Does it have to be free?
Do you have a budget?
Nolan Herring | nolanwifi.com
Getting noticed

Re: Preferred Syslog Server

Free trial first will be ideal
Head in the Cloud

Re: Preferred Syslog Server

I use https://papertrailapp.com/. It has a free tier and kind of goes with the cloud concept of Meraki well.

 

 

Getting noticed

Re: Preferred Syslog Server

Thanks, I’ll try that

Kind of a big deal

Re: Preferred Syslog Server

I like Linux and for me I would be using Ubuntu and its built-in syslog service. This is a complete step-by-step guide.

https://computingforgeeks.com/how-to-configure-rsyslog-centralized-log-server-on-ubuntu-18-04-lts/ 

Getting noticed

Re: Preferred Syslog Server

Thanks I’ll look into it 

Building a reputation

Re: Preferred Syslog Server

Splunk and ELK (Elasticsearch, Logstash, Kibana) even more so are great tools for monitoring and visualizing. The downside is the steeper learning curve, but it's definitely worth it!

Building a reputation

Re: Preferred Syslog Server

Now we're looking at SIEMs! SIEMs are exciting and awesome. A whole different league when it comes to reporting. Good idea @CptnCrnch.
CMNO, CCNA R+S